Field of the Invention
The present invention is related to a mutual authentication method with a network and a system using the method; and more particularly, a method for a group leader to carry out mutual authentication with a network in Machine-Type Communication (MTC) and a system using the method.
Discussion of the Related Art
Machine-to-Machine (M2M) communication enables millions of machines to communicate with devices in the surroundings of the machines through wired or wireless connection. Multitude of new applications within tracking, monitoring, maintenance, and security categories are emerging as M2M communication comes into reality. Similar to M2M communication, the 3rd Generation Partnership Project (3GPP) defines the communication between devices and ordinary things which does not involve human intervention as Machine Type Communication (MTC), and standardization for the communication method is being carried out. The 3GPP defines group-based MTC features for the purpose of managing a plurality of MTC terminals in an efficient manner, but backgrounds of and policies for introducing MTC groups are mentioned only briefly without in-depth discussion thereof.
In particular, a method for using delegation-based authentication is one of the methods studied in an attempt to reduce requirements of authentication signaling which cause many problems when MTC communication is performed. In this method, an authentication server authenticates a device by signaling its own authentication signal that can be verified by a serving network. The device does not require other method for accessing the authentication server than receiving the aforementioned authentication signal. However, such a kind of method requires a public key infrastructure and thus suffers a problem since it is not compatible with current secret key systems.
In another method, devices are grouped and serving networks are allowed to have a group leader. A leader, on behalf of all of the MTC devices, authenticates itself to the network. Dynamic Group Based And Key Agreement (DGBAKA) and Group-based AKA (G-AKA) are two security protocols for authenticating a group of MTC devices. Due to the grouping model, the aforementioned two protocols can reduce communication costs in a network. However, since the two protocols define a procedure for authentication among a group leader and group members in a more or less inefficient manner, the overall complexity of a system is increased as the number of MTC devices becomes large.
EAP-based Group Authentication (EG-AKA) and Secure and Efficient (SE) AKA are group AKA protocols for LTE networks. The overall delay of a current AKA with respect to a single user is large due to a round-trip delay of the authentication server within a core network to and from a backend. To alleviate the delay, the EG-AKA and the SE-AKA have been designed to reduce the number of access to the authentication server. In other words, only the first member within a group is required to perform handshake with the authentication server for authentication. The other members are authenticated by a gateway located close to the authentication server. Since a single group key is shared among group members, a member can overhear private communication of other members. Taking this fact into consideration, these protocols enable forward and backward secrecy of Elliptic Curve Diffie-Hellman (ECDH). However, it should be noted that the protocols above adopt asymmetric key encryption to protect privacy of devices. Therefore, the ECDH and asymmetric encryption may not be appropriate for those MTC devices in a lack of resources.
In other words, the conventional methods are unable to completely solve the problem of congestion and overload in authentication signaling in the LTE or LTE-Advanced (LTE-A) network, and until recently, it was not clear whether signaling traffic among MTC devices had been managed in a productive manner.